On Tue, 12 Sep 2000, Michael Tokarev wrote: > Chip Christian wrote: > > > > erbenson@alaska.net said: > > > scp does not create an interactive session, so it should be possible > > > for ssh to eschew password change enforcment for non-interactive > > > sessions. > > > > > this would allow users to avoid it by logging in by ssh host /bin/bash > > > but if they are that stubborn they will find other ways to get out of > > > changing their password. > > > > Sure, but it still ought to consume any grace logins the user has left, so > > once the password expires for good, all logins, passworded or not, should > > fail. > > Moreover, I think that even scp (and any other non-interactive app) should > just refuse access if user's password should be changed. (It must if it is > expired, as Chip Christian said.) "Hey, change your password firts using > some interactive way, and retry afterwards". Actually, scp _is_ (partially) > interactive. I would really like this feature added to OpenSSH. What can I do to help ? > > _______________________________________________ > > Pam-list@redhat.com > https://listman.redhat.com/mailman/listinfo/pam-list > -- Paul Faure paul@paulfaure.com Carleton University Systems Engineer 3rd Year paul@porkchop.org Engsoc Admin/BOG Technical Director paul@engsoc.org
